Bangkok--3 May--Spark Communications
As the saying goes, "Where there's a will, there's a way." However, summoning up the "will" can be difficult as inertia is a powerful force. We are reminded of this every day when we type in a password to access our computers, online shopping accounts or to make a payment.
With World Password Day just days away, it's timely to acknowledge the computer password is over 50 years old – invented by Fernando Corbato in the 1960s. Since then, other ways for consumers to authenticate their identity have been developed and according to aEuromonitor study, occurred 52 trillion times in 2016. However, traditional methods of entering a password, mother's maiden name, high school mascot, or other types of knowledge-based authentication have frustrated even the most patient consumers when the information is forgotten, stolen or has be typed onto tiny keyboards. More importantly, there are more secure ways to verify who you are.
It is time for change
Visa believes the payment industry can move away from passwords in the next 5 years.
Advancements in authentication and anti-fraud technologies are already making static cardholder verification (CVM) methods such as signature and PINs safely optional for merchants and issuers in some environments. In October 2018, signature became optional for EMV(R) Chip-enabled merchants on the Visa payment network due to the security capabilities of the chip. Financial institutions and merchants can also share 10 times more data with each other than ever before for advanced risk-based decision-making to authenticate buyers from any connected device or app, often without asking the consumer to do anything at all. And the growing sophistication of artificial intelligence is making fraud detection faster and more accurate, which opens up new possibilities for new products and services because of consumer confidence in secure payments.
As the ecosystem evolves to be more secure, Visa envisions a future where we can reduce or eliminate the use of legacy verification methods as we continue to implement capabilities that leverage artificial intelligence and biometrics.
A survey commissioned by Visa in 2017 showed consumers welcome the use of biometrics as faster, easier, and more secure alternatives to passwords. Eighty six percent of consumers are interested in using biometrics to verify identity or to make payments and more than 65 percent are already familiar with biometrics. With advancements in mobile devices increasing the accuracy and speed of fingerprint and voice biometrics, the time has never been better to integrate biometric technology into banking apps and payment experiences for customers.
For security-minded individuals, mobile device manufacturers have addressed concerns about stolen biometric information by storing and encrypting biometric templates – algorithmic representations instead of actual biometric attributes – locally on consumer-owned devices instead of the cloud. This ensures an individual is always in possession of their personal biometric data with the option to delete the data at any time. In addition, authentication accuracy is bolstered by liveness detection used by biometric scanners and software that can identify if a fingerprint is copied or a facial scan is of a mask.
It's been roughly 6 years since fingerprint sensors were integrated into consumer smartphones and in this short amount of time, consumers have grown increasingly comfortable with the approach. The need for quick and easy authentication will only increase with the growth of digital products and services, and remembering unique passwords for every Internet connected device or app is untenable. Moving your product or service away from using passwords to some form of biometric authentication is not only imperative – it can be effectively done today.
Basic Security Tips for Managing Logins
Switch to biometric authentication, if availablePhysical biometrics are much more difficult to replicate. Criminals would also have to take the extra step of stealing your hardware device in order to commit payment fraud. Many mobile devices and apps offer users the option to switch to biometrics to verify identity or make a purchase.
Turn on alerts or notificationsNo solution is 100 percent foolproof and alerts are a good safeguard in case your login credentials are compromised. You are notified if your account is being accessed from a new device for the first time, even if legitimate credentials are used.
Use a password manager to manage and generate complex passwordsIf switching over to biometrics isn't an option, use a password manager from a reputable solution provider to store the passwords for your online accounts. Some password managers also help generate strong, complex passwords so you don't have to struggle coming up with them on your own.
EMV(R) is a registered trademark in the U.S. and other countries and an unregistered trademark elsewhere. The EMV trademark is owned by EMVCo, LLC.
About Visa
Visa Inc. (NYSE: V) is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks — VisaNet — that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa is not a bank and does not issue cards, extend credit or set rates and fees for consumers. Visa's innovations, however, enable its financial institution customers to offer consumers more choices: pay now with debit, pay ahead with prepaid or pay later with credit products. For more information, visit https://usa.visa.com/, visacorporate.tumblr.com and @VisaNews.